Consistent policy enforcement in distributed systems using mobile policies

This paper briefly traces the evolution of information system architectures from mainframe-connected terminals to distributed multi-tier architectures. It presents the challenges facing developers of multitier information systems in providing effective consistent data policy enforcement, such as access control in these architectures. Finally, it introduces "Mobile Policy" (MoP) as a potential solution and presents a framework for using mobile policy in the business logic tier of multi-tier information systems.

[1]  Sushil Jajodia,et al.  Using attribute certificates with mobile policies in electronic commerce applications , 2000, Proceedings 16th Annual Computer Security Applications Conference (ACSAC'00).

[2]  Mary Ellen Zurko,et al.  A user-centered, modular authorization service built on an RBAC foundation , 1999, Proceedings of the 1999 IEEE Symposium on Security and Privacy (Cat. No.99CB36344).

[3]  Tom Digre Business Object Component Architecture , 1998, IEEE Softw..

[4]  Sabrina De Capitani di Vimercati,et al.  A modular approach to composing access control policies , 2000, CCS.

[5]  Spencer E. Minear,et al.  Providing Policy Control Over Object Operations in a Mach-Based System , 1995, USENIX Security Symposium.

[6]  Sushil Jajodia,et al.  Going Beyond MAC and DAC Using Mobile Policies , 2001, SEC.

[7]  Brad J. Cox,et al.  Object-oriented programming ; an evolutionary approach , 1986 .

[8]  David L. Black,et al.  Microkernel operating system architecture and Mach , 1991 .

[9]  Mary Ellen Zurko,et al.  Separation of duty in role-based environments , 1997, Proceedings 10th Computer Security Foundations Workshop.

[10]  Gio Wiederhold,et al.  Mediators in the architecture of future information systems , 1992, Computer.